Friendica Communications Platform (please note that this is a clone of the repository at github, issues are handled there) https://friendi.ca
  1. <?php
  2. /**
  3. * tests several functions which are used to prevent xss attacks
  4. *
  5. * @package test.util
  6. */
  7. require_once('include/text.php');
  8. class AntiXSSTest extends PHPUnit_Framework_TestCase {
  9. /**
  10. * test, that tags are escaped
  11. */
  12. public function testEscapeTags() {
  13. $invalidstring='<submit type="button" onclick="alert(\'failed!\');" />';
  14. $validstring=notags($invalidstring);
  15. $escapedString=escape_tags($invalidstring);
  16. $this->assertEquals('[submit type="button" onclick="alert(\'failed!\');" /]', $validstring);
  17. $this->assertEquals("&lt;submit type=&quot;button&quot; onclick=&quot;alert('failed!');&quot; /&gt;", $escapedString);
  18. }
  19. /**
  20. *xmlify and unxmlify
  21. */
  22. public function testXmlify() {
  23. $text="<tag>I want to break\n this!11!<?hard?></tag>";
  24. $xml=xmlify($text);
  25. $retext=unxmlify($text);
  26. $this->assertEquals($text, $retext);
  27. }
  28. /**
  29. * xmlify and put in a document
  30. */
  31. public function testXmlifyDocument() {
  32. $tag="<tag>I want to break</tag>";
  33. $xml=xmlify($tag);
  34. $text='<text>'.$xml.'</text>';
  35. $xml_parser=xml_parser_create();
  36. //should be possible to parse it
  37. $values=array(); $index=array();
  38. $this->assertEquals(1, xml_parse_into_struct($xml_parser, $text, $values, $index));
  39. $this->assertEquals(array('TEXT'=>array(0)),
  40. $index);
  41. $this->assertEquals(array(array('tag'=>'TEXT', 'type'=>'complete', 'level'=>1, 'value'=>$tag)),
  42. $values);
  43. xml_parser_free($xml_parser);
  44. }
  45. /**
  46. * test hex2bin and reverse
  47. */
  48. public function testHex2Bin() {
  49. $this->assertEquals(-3, hex2bin(bin2hex(-3)));
  50. $this->assertEquals(0, hex2bin(bin2hex(0)));
  51. $this->assertEquals(12, hex2bin(bin2hex(12)));
  52. $this->assertEquals(PHP_INT_MAX, hex2bin(bin2hex(PHP_INT_MAX)));
  53. }
  54. //function qp, quick and dirty??
  55. //get_mentions
  56. //get_contact_block, bis Zeile 538
  57. }
  58. ?>